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FIG. 10 



uuid{58DB5633-0694-4340-97CE-4E1AC6BFFBA7), /HestDIIStd 

helpstring(TestDIIStd Type Ubrary For PAT), 

version(1,0) 

1 

library TestDIIStd 

typedef [public] struct 
{ 

char diParam; 
unsigned char uchParam; 
short sParam; 
unsigned short usParam; 
int nParam; 
unsigned int unParam; 
long IParam; 
unsigned long ulParam; 
double dbParam; 
float fParam; 
}TESTSTRUCT; 

typedef [public] TESTSTRUCT *LPTESTSTRUCT; 
//DEFINE_GUID(GUID_PROGID, 0x8eO37d65. OxefaO, 0x40e7, 0x91, 0x43, Oxef, 0x70, 0x56, 
0x94, 0x5b, 0x79); 



uuid(8E037D65-EFAO-40e7-9143-ER056945B79), 
] helpstring(TestDIIStd.dll for PAT object^, 

interface 
test 

char_stdcall FuncCharStd{[in] char chPram); 
char*_stdcall FuncPCharStd(pn, out] char* IpchParam); 

TESTSTRUCT_stdcall FuncStructStdpnJTESTSTRUCT TestStrud); 
}: LPTESTSTRUCT.stdcall FuncPStructSld{pn, out]LPTESTSTRUCTIp TestStruct): 

} 
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[in] DWORD dwCount, 

[out, custom(PAT_PARAM_ATTR_ID, "sizeis_is(dwCount)")] int* IpnParam 
void.stdcall FuncLengthls 

203 

[in] DWORD dwLength, 

pn, custom(PAT_PARAM_ATTR_ID, "lentgttiJs(dwLength)")] char* IpszParam 

void stdcall FuncBytesIs 

" 204 

[in] DWORD dwSize, 

[in, custom(PAT_PARAM_ATTRJD, "bytesJs(dwSize)")] void* IpParam 
void_stdcall FuncBytesls2 205 

[out, cuslom(PAT_PARAM_AnRJD, "bytesjs(12)")] void* IpParam 
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FIG. 14 



#define PAT.PARAM.AHRJD 00000000-0000;0000-000000000000 

typedef (public] struct 220 
{ 

(in, custom{PAT_PARAM_ATTRJD, "funcname_is(Funclntemal1)")] DWORD pfnFunclntemall 
[in, custom(PAT_PARAI\^_ATTR_ID, "funcname_is(Funclntemal2)")J DWORD pfnFunclntemal2 
[in, custom(PAT_PARAM_ATTRJD, "funcnameJs(Funclntemal3)")] DWORD pfnFunclnternal3 
pn. custom(PAT_PARAM_ATTRJD, "funcname_is(Funclntemal4)")] DWORD pfnFunclnternal4 
}FUNCPOINTERARRAY: 

interface 
test 

void stdcail SetCallBacIt 221 

( " 

[in, custom(PAT_PARAM_AnRJD, 'funcnameJs{FuncCallBacl<)")] DWORD 
pfnFuncCa!IBacl< 

); 

void FuncCallBack(rin] int nParam); --v— 222 

void_stdcall GetFuncPointer 223 

( " 

[out, custom{PAT_PARAM_ATrR_ID, "funcname_is(Funcinternal)")] DWORD 
pfnFunclntemai 

); 

void Funclntemal([in, out] cliar* IpszParam); 224 

void_stdcall GetFuncPointerAn-ay 

( 

[outJFUNCPOINTERARRAY* pFuncPointerArray; 225 

void Funclnternal1([in] int nParam); 

void Funclnternal2([in, outj char* IpzaParam); 

void FunclnternaI3([out] DWORD* dwParam); 226 

void Funclnternal4([); 

}; 
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ARGUMENT(oul) : 
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RETURN VALUE : 


void : 
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2002/03/25 22 : 24:12.057 


MODULE NAME : 


TestDIIStd. DLL 


FUNCTION NAME : 


GetFuncPointerArray 


ARGUMENT(in) : 


ARGUMENT(out) : 


FUNCPOINTERARRAY* pFuncPolnterArray : 0x503860C 




DWORD FUNCPOINTERARRAY. pfnFunclnternall : 0x02997670 




DWORD FUNCPOINTERARRAY pfnFunclnternal2 : 0x02997708 




DWORD FUNCPOINTERARRAY pfnFunclntemalS : 0x029977BE 




DWORD FUNCPOINTERARRAY pfnFunclnternaW : 0x0299784F 


RETURN VALUE : 


void : 


IN TIME : 


2002/03/25 22 : 24:12.068 


OUT TIME : 


2002/03/25 22 : 24:12.079 
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OUT TIME : 


2002/03/25 22 : 24:12.057 


MODULE NAME : 
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FUNCTION NAME : 


Funclnternall 


ARGUMENT(in) : 


char* IpszParam : 0x5038600/0 


ARGUMENT(out) : 


char* IpszParam : 0x5038600/- 1 2 


RETURN VALUE : 


void : 


IN TIME : 
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OUT TIME : 
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MODULE NAME • 
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FUNCTION NAME: 
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ARGUMENT{in) : 


ARGUMENT(oiit) : 
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ARGUMENT(in) : 




ARGUMENT(out) : 




RETURN VALUE : 


void : 


IN TIME : 


2002/03/25 22:24:12.080 


OUT TIME : 


2002/03/25 22 : 24:12.099 
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fdefine PAT_PARAM_ATTRJD 00000000-0000-0000-000000000000 

interface 

test 

{ 

void_stdcall FuncArrayls 

( 240 
[in] DWORD dwCount, 

[in, out, custom(PAT_PARAM_ATTR_ID, "arTayJs{dwCount)")] int* IpnParam 

}: 
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MODULE NAME : 


TestDIIStd. DLL 




FUNCTION NAME : 


FuncArrayls 




ARGUMENT(in) : 


DWORD dwCount : 4 






int* IpnParam : 0x50342060/0x00 




ARGUMENT{out) : 


int* IpnParam : 0x50342060/0x01 




RETURN VALUE : 


void : 




IN TIME : 


2002/03/25 22:24:12.025 




OUT TIME : 


2002/03/25 22:24:12.035 


-^250 


MODULE NAME : 


TestDIIStd. DLL 


FUNCTION NAME ■ 


FuncArravIs 




ARGUMENT(in) : 


DWORD dwCount:3 






int* IpnParam: 0x50342070/0x00 




ARGUMENT(out) : 


int* IpnParam : 0x50342070/0x05 




RETURN VALUE- 


void \ 




IN TIME : 


2002/03/25 22 : 24 : 12.046 




OUT TIME: 


2002/03/25 22 : 24:12.057 




... 




251 








MODULE NAME : 


TestDIIStd. DLL 




FUNCTION NAME; 


FuncArrayls 




ARGUMENT(in) : 


DWORD dwCount:4 






int* IpnParam : 0x5034206D/Array (int : 0 : 0x00, int : 1 : 0x00, int : 2 : 0x00, int : 3 : 0x00) 


ARGUMENT(out) : 


int* IpnParam : Ox50342060/Array (int : 0 : 0x01 , int : 1 : 0x02, int : 2 : 0x03, int : 3 : 0x04) 


RETURN VALUE: 


void: 




IN TIME : 


2002/03/25 22:24:12.025 




OUT TIME: 


2002/03/25 22:24:12.035 




MODULE NAME : 


TestDIIStd. DLL 




FUNCTION NAME : 


FuncAn'ayls 




ARGUMENT(in) : 


DWORD dwCount:3 






int* IpnParam : 0x5034207O/Array (int : 0 : 0x00, int : 1 : 0x00, int : 2 : 0x00) 


ARGUMENT(out) : 


int* IpnParam : 0x5034207O/Array (int : 0 : 0x05, int : 1 : 0x10, int : 2 : 0x15) 


RETURN VALUE: 


void : 




IN TIME : 


2002/03/25 22 : 24:12.046 




OUT TIME: 


2002/03/25 22 : 24:12.057 
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typedef struct 
{ 

DWORD dwSize ; 
DWORD dwParamI ; 
DWORD dwParam2 ; 
DWORD dwParam3; 
}STRUCTSIZE1 ; 

typedef stmct 
{ 

DWORD dwSize ; 
DWORD dwParamI ; 
DWORD dwParam2 ; 
DWORD dwParamS ; 
DWORD dwParam4 ; 
}STRUCTSIZE2 ; 

typedef struct 
{ 

DWORD dwSize ; 
DWORD dwParamI 
DWORD dwParam2 
DWORD dwParamS 
DWORD dwParam4 
DWORD dwParamS 
}STRUGTSIZE3 ; 

void FuncGetData (DWORD dwKind, void* IpBuf) 
{ 

switch(dwKind) 
} 



case 1 
case 2 
case 3 



//IpBuf IS TREATED AS THE POINTER TO STRUCTSIZE1 
break; 

//IpBuf IS TREATED AS THE POINTER TO STRUCTSIZE2 
break; 

//IpBuf IS TREATED AS THE POINTER TO STRUCTSIZE3 
break; 
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#define PAT PARAM_ATTRJD 00000000-0000-0000-0000-000000000000 

typedef [public] struct 290 
{ 

[custom (PAT_PARAM_ATTRJD, "structsizeJs()")]DWORD dwSize; 
DWORD dwParamI 
DWORD dwParam2 
DWORD dwParamS 
DWORD dwParam4 
DWORD dwParamS 

}STRUCTSIZE ; 291 

interface 
test 

{ 

void FuncGetData 292 

^ [in] DWORD dwKind, P 

[in, out] STRUCTSIZE* IpBuf 

); 

}; 
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S2502 




ANALYZE SET STRUCTURE PARAMETER DATA OF ~S2504 
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CONTENT POINTED TO BY POINTER PARAMETER 

IN HDD 



S2505 



CALL ORIGINAL FUNCTION 



S2506 



S2507 




ANALYZE SET STRUCTURE PARAMETER DATA OF 
SIZE DEFINED IN structsize Is 



~S2508 



STORE RETURN TIME, RETURN VALUE, 

AND MEMORY CONTENT POINTED TO BY POINTER 

PARAMETER IN HDD 



S2510 



S2509 




( END 



S2511 
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MODULE NAME : 
FUNCTION NAME 
ARGUMENT(in) : 



ARGUMENT(out) : 



RETURN VALUE : 
IN TIME : 
OUT TIME : 



TestDIIStd. DLL 
FuncGetData 
DWORD dwKind : 1 
STRUCTSIZE* pBuf : 0x5038600 
DWORD STRUCTSIZE. dwSIze : 16 
DWORD STRUCTSIZE. dwParamI : 0 
DWORD STRUCTSIZE. dwParam2 : 0 
DWORD STRUCTSIZE. dwParam3 : 0 
STRUCTSIZE* pBuf : 0x5038600 
DWORD STRUCTSIZE. dwSIze : 16 
DWORD STRUCTSIZE. dwParamI : 1 
DWORD STRUCTSIZE. dwParam2 : 2 
DWORD STRUCTSIZE. dwParam3 : 3 
void : 

2002/03/25 22 : 24:12.025 
2002/03/25 22 : 24 : 12.035 



MODULE NAME : 
FUNCTION NAME 
ARGUMENT(in) : 



ARGUMENT(out) 



RETURN VALUE 
IN TIME : 
OUT TIME : 



TestDIIStd. DLL 
FuncGetData 
DWORD dwKind : 3 
STRUCTSIZE* pBuf : 0x5039900 
DWORD STRUCTSIZE. dwSize : 24 
DWORD STRUCTSIZE. dwParamI :0 
DWORD STRUCTSIZE. dwParam2 : 0 
DWORD STRUCTSIZE. dwParam3 : 0 
DWORD STRUCTSIZE. dwParafn4 : 0 
DWORD STRUCTSIZE. dwParam5 : 0 
STRUCTSIZE* pBuf: 0x5039900 
DWORD STRUCTSIZE. dwSize : 24 
DWORD STRUCTSIZE. dwParamI : 10 
DWORD STRUCTSIZE. dwParam2 : 20 
DWORD STRUCTSIZE. dwParam3 : 30 
DWORD STRUCTSIZE. dwParam4 : 40 
DWORD STRUCTSIZE. dwParamS : 50 
void : 

2002/03/25 22 : 24:12.046 
2002/03/25 22 : 24 : 12.057 
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typedef struct 
{ 

char chParam; 
DWORD dwParam ; 
short shParam ; 
}STRUCTKIND1 ; 

typedef struct 
{ 

short shParam ; 
DWORD dwParam ; 
char chParam; 
}STRUCTKIND2 ; 

typedef struct 
{ 

char chParam; 
DWORD dwParam ; 
short shParam ; 
long IParam ; 
int nParam ; 
}STRUCTKIND3 ; 

void FuncGetData (DWORD dwKind, void* IpBuf) 



switch(dwKind) 

} 

case 1 : 

//IpBuf 
break; 

case 2 : 

//IpBuf 
break; 

case 3 : 

//IpBuf 
break; 

} 

} 



IS TREATED AS THE POINTER TO STRUCTKIND1 
IS TREATED AS THE POINTER TO STRUCTKIND2 
IS TREATED AS THE POINTER TO STRUCTKIND3 
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#define PAT_PARAM_ATTRJD 00000000-0000-000(H)00000000000 

typedef [public] struct 
{ 

char chParam ; 
DWORD dwParam ; 
short shParam ; 
}STRUCTKIND1 ; 

typedef [public] struct 
{ 

short shParam ; 
DWORD dwParam ; 
char chParam ; 
}STRUCTKIND2 ; 

typedef [public] struct 
{ 

char ChParam ; 
short ShParam ; 
DWORD dwParam ; 
long IParam ; 
int nParam ; 
}STRUCTKIND3; 

interface 

test 

{ 

void FuncGetData 
( 

[in] DWORD dwKind, 

On, out, custom(PAT_PARAM_ATrR_ID, 

"stnjctKind_is(dwKind : 1 : STRUCTKIND1*, 2 : STRUCTKIND2*, 3 : STRUCTKIND3* )")] 
void* IpBuf 

): 

}: 
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AS DATA TYPE DEFINED IN structkindis 



S3104 



STORE CALL TIME, PARAMETER, AND MEMORY 
CONTENT POINTED TO BY POINTER PARAMETER 
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CALL ORIGINAL FUNCTION 



-S3106 



S3107 




ANALYZE SET STRUCTURE PARAMETER AS 
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STORE RETURN TIME, RETURN VALUE. AND 
MEMORY CONTENT POINTED TO BY POINTER 
PARAMETER 
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MODULE NAME : TestDIIStd. DLL 

FUNCTION NAME : FuncGetData 

ARGUMENT(ln) : DWORD dwKind : 1 

STRUCTKIND1* pBuf : 0x5038600 
char STRUCTKIND1. chParam : 0 
DWORD STRUCTKIND1.dwParam:0 
short STRUCTKIND1. shParam : 0 

ARGUMENT(out) : STRUCTKIND1 * pBuf : 0x5038600 



char STRUCTKIND1. ChParam : 1 
DWORD STRUCTKIND1.dwParam:2 
short STRUCTKIND1. shParam :3 



MODULE NAME : TestDIIStd. DLL 
FUNCTION NAME : FuncGetData 
ARGUMENT(in) : DWORD dwKInd : 3 



STRUCTKIND3* pBuf : 0x5039900 
Char STRUCTKIND3. chParam : 0 
short STRUCTKIND3. shParam : 0 
DWORD STRUCTKIND3. dwParam : 0 
long STRUCTKIND3.IParam:0 
Int STRUCTKIND3. nParam : 0 



ARGUMENT(out) : STRUCTKIND3* pBuf : 0x5039900 



char STRUCTKIND3. chParam : 10 
short STRUCTKIND3. shParam : 20 
DWORD STRUCTKIND3. dwParam : 30 
long STRUCTKIND3. IParam : 40 
int STRUCTKIND3. nParam : 50 



RETURN VALUE : 
IN TIME : 
OUT TIME : 



void : 

2002/03/25 22 : 24 : 12.025 
2002/03/25 22 : 24 : 12.035 



RETURN VALUE : 
IN TIME : 
OUT TIME : 



void : 

2002/03/25 22:24:12.046 
2002/03/25 22 : 24:12.057 
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POINTER PARAMETER IN HDD 
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MODULE NAME : 


A. DLL 


FUNCTION NAME : 


FuncAA 


ARGUMENT : 


DWORD dwID : Err>100 


RETURN VALUE : 


DWORD dwRet : Err==0 


MODULE NAME : 


A. DLL 


FUNCTION NAME: 


FuncAB 


ARGUMENT : 


DWORD dwHandle : Err==0 


OL 1 i mill \/AI 1 1^ . 

RETURN VALUE : 


int nRet : Eit<=— 1 


MODULE NAME : 


B. DLL 


INTERFACE NAME : 


InterfaceA 


METHOD NAME : 


MethodAA 


ARGUMENT: 


DWORD dwID : Err>100 


RETURN VALUE : 


DWORD dwHandle: Eit==0 


MODULE NAME : 


B. DLL 


INTERFACE NAME : 


InterfaceA 


METHOD NAME : 


MethodAB 


ARGUMENT : 


DWORD dwlD:Err<=0 


RETURN VALUE : 


DWORD dwRet: Err!=0 


MODULE NAME : 


B. DLL 


INTERFACE NAME : 


InterfaceB 


METHOD NAME : 


MethodBA 


ARGUMENT: 


DWORD dwlD:Err>=0 


RETURN VALUE : 


DWORD dwRet: Err!=0 
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